Back in early June Microsoft announced it had taken down the GameOver Zeus botnet, in an effort to protect customers. But, thwarting the internet bad guys is much more difficult in practice than it is in theory. Now security researches claim the phoenix is rising from its ashes.
The folks at Arbor Networks, a security research firm, have been keeping regular tabs, and have noted a sudden and very rapid growth. The rise is actually due to a new variant that seems to be spreading quickly, but has become most prevalent in the US.
Anyone who reads the news will have a clear idea of what "crime" involves. There are guns, welding torches, gangsters marauding through banks armed to the teeth. But the true extent of illegal activities stretches far beyond the violent crimes we are all too familiar with, and into a world where criminals operate comfortably from behind a screen.
In fact, the underground Internet economy of cybercrime is a mirror image of the world we see every day. There are employees, bosses and online marketplaces, as well as corporations that could give even some of the largest Silicon Valley giants a run for their money. It's a world where, instead of trading goods such as clothes or bicycles, people trade and sell illegal data, as well as the tools used to obtain it.
I have a confession. It's hard to admit, and I know it might make me a bit of a social pariah and an outcast in the industry I work in but I need to get this off my chest:
I used a single password for many online services *deep breath* for a long time.
America loves celebrities. Scam artists, the only criminals we refer to as artists, are well aware of our fascination with the lives and sometimes untimely deaths of celebrities, and exploit this interest through a number of schemes aimed at turning the public's fascination into the identity thief’s treasure.
The sad and tragic death by suicide of Robin Williams has become the latest opportunity for identity thieves to exploit a celebrity death for financial gain. In one Robin Williams related scam, a post appears on your Facebook page -- it often can appear to come from someone you know, when, in fact, it is really from an identity thief who has hacked into the Facebook account of your real friend. The post provides a link to photos or videos that appeal in some instances to an interest in Robin Williams related movie or standup performances. However, in other instances, the link will appeal to the lowest common denominator and purport to provide police photos or videos of the suicide site. If you fall for this bait by clicking on the link, one of two things can happen, both of which are bad.
Google’s Safe Browsing service protects users from malicious websites and warns against potentially dangerous downloads in Chrome. According to Google, over three million download warnings are being viewed every week, and because it’s available for other browsers, this technology is helping to keep 1.1 billion people safe.
From next week, Google says it will be protecting users from additional malicious software, delivering warnings whenever you attempt to download something that might try and make unwanted changes to your browser or computer.
Ever wondered why hackers do what they do? Thycotic, a software firm specializing in privileged access password protection, conducted a survey of 127 hackers at Black Hat USA 2014 to try and understand their thinking.
The company found that more than half of the hackers (51 percent) were driven by the fun/thrill, while 19 percent were in it for the money. Few hackers fear getting caught with 86 percent confident they will never face repercussions for their activities.
In ever more competitive global markets the success or failure of a business can rest on insights and solutions that allow it to operate more efficiently than its competitors.
If this information falls into the hands of a competitor advantage is lost. Yet the results of a new study by Kaspersky Lab show that one in five manufacturing businesses has suffered a loss of intellectual property in the last 12 months.
According to researchers who monitored millions of malware messages sent over the past 18 months, the amount of communications sent by malware programs spiked dramatically in the lead-up to the conflict between Russia and Ukraine over the future of Crimea. A similar spike was seen in malware attacking Israel in the days before its recent hostilities with Hamas in Gaza.
Edward Snowden has claimed that the US accidentally took most of Syria off the Internet while attempting to bug the country's online traffic.
Speaking to National Security Agency journalist James Bamford for Wired, the whistleblower claimed that a US intelligence officer told him that the NSA was responsible for Syria's disconnect from the web in late 2012, and not the Assad regime.
Panda Security has announced the launch of its 2015 consumer range, claiming that it’s "lighter, safer and easier to use than ever before".
Protection is improved with the new XMT (Extreme Malware Terminator) Smart Engineering engine. This isn't just marketing spin, either: the latest AV-Test and AV-Comparatives reports both saw XMT-powered products at the top of the list.
A friend of mine bought a new iPhone 5s recently, used it for just over a week, and then 'lost it'. It might have been stolen or simply misplaced, she has no idea. All she knows for certain is she no longer has it in her possession. That’s bad enough, but she spent much of the first week copying over photos and other personal data to it from her old phone, but didn’t devote any time -- at all -- to protecting the device.
So in other words, if someone else has her iPhone now -- which it’s pretty safe to assume is the case -- they also have access to everything on it, which could be potentially catastrophic for her. The thing is, it’s so easy to protect a smartphone these days it amazes me so many people don’t bother to take the following simple steps:
Email can be inherently dangerous, as less savvy users can, and do, click links that can lead to nefarious locations on the web. The links are frequently a bit hidden -- characters are slightly altered, such as "0" instead of an "O".
Last week Google rolled out support for non-Latin characters, a great addition, but one that enhances this problem, as well. With that in mind, the company is attempting to protect its email customers, by now enabling recognition of bad links through Unicode checks.
Ransomware is on the rise according the the latest report from enterprise threat protection specialist Damballa, with an increase in average daily infections of the Kovter infection of 153 percent between April and May this year.
Kovter is "police ransomware" that displays fake legal warnings about pornography. At its peak of activity in June it was recording almost 44,000 infections per day. But while Kovter was thriving CryptoLocker was dealt a blow by the taking down of the GameOver Zeus botnet.
Both businesses and home users now utilize server technology, it's a great way to backup files and keep things safe. But, perhaps it isn't quite as secure as many unsuspecting customers had thought. Synology, one of the leaders in the market, is now dealing with a Crytolocker-like threat, this one aptly name "Synolocker".
Much like its namesake, the software is ransomware, prepared to extort money from unsuspecting NAS customers. While this sounds like doom and gloom, it's actually only compatible with older versions of DiskStation Manager.
Much of the malware in circulation now focuses on using exploits in popular applications such as browsers and office packages in order to remotely execute code. Security suites and specialized anti-exploit tools are aimed at blocking these but how well do they work?
A new study by testing lab PCSL commissioned by Malwarebytes has set out to find the answer. It looks at the exploit mitigation capabilities of 12 different products: Avast Internet Security, AVG Internet Security, Bitdefender Internet Security, Enhanced Mitigation Experience Toolkit from Microsoft, ESET Smart Security, HitmanPro.Alert3, Kaspersky Internet Security, Malwarebytes Anti-Exploit Premium, McAfee Internet Security, Norton Internet Security, Panda Internet Security and Trend Micro Titanium Maximum Security.